Blog Posts Tagged with "Passwords"

Recently, some researchers have been working on comparing password vault software products and have found some issues. However, many of the vendors are quickly moving to remediate the identified issues, many of which were simply improper use of proprietary cryptography schemes...

There have been a barrage of stories recently about organizations asking applicants and employees for their Facebook, Twitter, LinkedIn and other social networking passwords. Compelled password disclosure is a very bad idea for organizations to do for many reasons...

In one complaint received by the IC3, a business claimed their computer was infected with a virus after opening the attachment in the e-mail they received. As a result, the business lost nearly $100,000 when fraudsters successfully wired money from the company's bank account...

The idea is to choose phrase that you will be able to remember and a simple algorithm for converting it to a strong password. Even the best encryption systems are not going to protect your data if you use weak passwords and a hacker gains physical access to your mobile device...

These principles won’t be sufficient when you’re in high-risk locales and they won’t stop a targeted attack, but they will make it less likely that you’ll suffer a serious breach because of poor security habits or over-reliance on antivirus or firewall applications...

Chaney admitted he hacked into the e-mail accounts by taking the victims’ e-mail addresses, clicking on the “Forgot your password?” feature, then re-setting the passwords by answering security questions using publicly available information he found on the Internet...

Manufactures don’t always know how to retrieve data stored in new phones, so how do investigators do it? Staying up-to-date is challenging but not impossible. As criminals come up with new ways to abuse them, strangely enough, this can be beneficial for forensics...

Social networking has quickly become a major medium for communications for both individuals and organizations, but the platforms that allow the development of online personae are not without their own inherent risks. These social media security basics everyone should embrace...

Unfortunately, I suspect that if this actually happened at the Pentagon a quarter million times a year, America would be in a much, much worse position than we are today. Our battle plans would be compromised, launch codes, schematics, and covert identities would be compromised...

The fake YouTube page attacks users in two ways: it requires you to enter your YouTube login credentials in order to leave comments, and it installs malware disguised as an Adobe Flash Player update. To see if you have been infected, look for the following files...

Have you ever wondered why enterprise security people are so downtrodden? Baffled by the impossible arrogance of penetration testers when they laugh at corporate security postures? The bottom line: people have always been and will always be the Achilles heel...

With unit sales of smartphones and tablets eclipsing those of desktop and laptop PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues. Protect yourself...

The thing is that the lower security hashes are not present on the SAM stored on the hard drive. When the security accounts are loaded into active RAM, Windows re-creates the LM hashes. The LM Hash can be pulled from active RAM using the Windows Credential Editor (WCE)...

Researchers form Palo Alto Networks have detected a new variation of the briefly defeated Waledac spamming botnet, but this version is able to sniff out login credentials for several email protocols as well as files with the .dat extension related to BitCoin and FTP...

Most modern productivity software will automatically insert this information into documents for benefits such as collaboration. However, if not removed before being published to a website, metadata can put an organization at risk...